Windows 2000 & Mandrake MNF

[Lynn Anderson]

Hi,

Trying to set up a Windows 2000 client (with latest MS patches) as
a road warrior with VPN (ipsec) to connect to a Mandrake MNF server (free
download). I have generated the certificates and converted it to P12
format, and imported it automatically using MMC certificate import wizard.
I have set up IP Security Policies in MMC and a VPN connection ( Dial-up
Connections )to use IPSec and configured it to connect to the MNF IPSec
server. The error message I get on Windows 2000 is:

Error 798: A certificate could not be found that can be used with this
Extensible Authentication Protocol.

My questions are:

Does Windows 2000 support IPSec as a road warrior natively?
Does Windows 2000 support the certificates generated by Mandrake MNF?
Is there more support in the purchased version of Mandrake MNF than the
download version?

Regards.

 

[Steven L Umbach]

I don't know specifically about Mandrake but I would check on two things. Make sure
that you have a "computer" certificate in the mmc snapin for computer [Not user] on
the W2K client in the personal folder, and that the certificate properties list
client authentication or ip security. The other important item is to have the
certificate of the Certificate Authority from the issuing CA in the trusted root
store on the W2K computer. This can be done by exporting the CA certificate to a .cer
file and then copying it to the W2K computer and importing it into the Trusted Root
CA store which it may do automatically when you execute the .cer file. Otherwise go
the mmc snapin for computer again and go to the Trusted Root CA folder, right click
it and select import and then select the .cer file for the CA. --- Steve

 

[Lynn Anderson]

Nope. Did not work. Looking around the net and MS web site, it seems that
Microsoft O/S's cannot take part in a pure IPSec network. The solution now
is to throw off Windows and install a Linux client.